Using attibutes
Emmanuel BILLOT
emmanuel.billot at ac-orleans-tours.fr
Mon May 21 10:59:38 CEST 2012
Le 21/05/2012 10:47, Alan DeKok a écrit :
> Emmanuel BILLOT wrote:
Hi,
Thanks for your answers.
So you mean that NAS (indeed access point for us) have to understand
attributes. Any RFC that NAS doc may refer to ?
If there isn't any doc or attribut, do you know any way to managed users
connexions when using EAP protocol ?
Regards,
>> Our WIFI access is managed by EAP-TTLS/EAP-PEAP with radius
>> authentication based on LDAP. So users can connect and use Internet,
>> however is possible to limit access (bandwith, connecting time) with
>> Freeradius ?
> FreeRADIUS isn't a router. See your NAS documentation for which
> attributes it needs to do access limitation. Many NASes CANNOT do such
> limitation.
>
>> In other words, it seems (maybe i'm wrong) that Freeradius can send
>> attribut with values when answering with Access Accept packet. I guess
>> that clients have to understand it for being effective right ?
> Yes.
>
>> So when using access point with EAP protocol, i guess native EAP client
>> have to be compatibe with an attribut list ?
> No. The EAP client is the end user PC. Only the NAS needs to
> understand RADIUS attributes.
>
>> This behaviour seems to be implemented in captive portal, and attributes
>> can be managed in portal configuration. Is it possible with EAP access
>> (native client or secure w2 like ?)
> No. Captive portals are not compatible with EAP.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Emmanuel BILLOT
CATEL - Dpt. Système et Réseaux
Rectorat - Académie d'Orléans-Tours
10, rue Molière - 45000 Orléans
Tél : 02 38 79 45 57
More information about the Freeradius-Users
mailing list